cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP CAP with Event Mesh - Error: JWT with audience is not issued for clientIds

Animatron56
Participant

4 weeks ago

0 Kudos

we are currently trying to integrate the event mesh into our SAP CAP application. We followed this tutorial here: https://cap.cloud.sap/docs/guides/messaging/event-mesh Therefore our files looks like the following: 

event mesh config: 

{
  "options": {
    "management": true,
    "messagingrest": true,
    "messaging": true
  },
  "rules": {
    "topicRules": {
      "publishFilter": ["${namespace}/subaccounts"],
      "subscribeFilter": ["${namespace}/subaccounts"]
    },
    "queueRules": {
      "publishFilter": ["${namespace}/subaccounts"],
      "subscribeFilter": ["${namespace}/subaccounts"]
    }
  },
  "authorities": ["$ACCEPT_GRANTED_AUTHORITIES"],
  "xs-security": {
    "oauth2-configuration": {
      "credential-types": ["binding-secret", "x509"]
    }
  },
  "version": "1.1.0",
  "emname": "our-cool-event-mesh",
  "namespace": "cool/event/mesh"
}

package json: 

{
...
"cds": {
  "requires":  {
         "messaging": {
        "[production]": {
          "queue": {
            "name": "$namespace/subaccounts"
          },
          "kind": "enterprise-messaging"
        },
        "[hybrid]": {
          "kind": "enterprise-messaging-shared"
        }
      },   
}
}
}

However, when we deploy the application, we get the error: 

Error: Jwt token with audience: [ "here the event mesh client id is shown", uaa ] is not issued for these clientIds: [ here our srv application is shown ]

ERR at returnError (/home/vcap/deps/0/node_modules/@sap/xssec/lib/validator.js:308:25)

ERR at /home/vcap/deps/0/node_modules/@sap/xssec/lib/validator.js:392:36

 

We googled a bit about this error and we came accross this issue for the SAP cloud sdk: https://github.com/SAP/cloud-sdk-js/issues/3050 

In the ticket it says that: " it looks like the error is because the jwt is not how the xssec library expects it to be" which also the error message kind of says that a validator returned this error. However we are using the latest sap/xssec library (3.6.1) and cannot influence it any further. 

We also tried to delete the event mesh and deploy it again, but this also didnt fix the issue. 

Is this an issue with the xssec library and I need to open a ticket for SAP or do we have the event mesh falsely configured?  

Thank you very much i advance! 

 

Show replies
Show replies
Dinu
Contributor
4 weeks ago
0 Kudos
What is in the rest of the stack trace?
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

SebastianSchuck
Active Participant
4 weeks ago

Open a sap support ticket. Without going into details, this should be a known issue. AFAIK, there is no fix beside adjusting the lib's implementation. Which I do not recommend as a workaround unless you are willing to take the risk of having to maintain your lib's customization moving forwards.

Show replies
Show replies
Ask a Question